Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/6KxSqbo_KkAU0xv_L_S2IEjvLyc.roa
File: 6KxSqbo_KkAU0xv_L_S2IEjvLyc.roa (raw, json)
Hash identifier: 1mN6Ib/0NJlidB+nUIUQHfBcipiDO+6b4TPQgV5mGIo=
Subject key identifier: E8:AC:52:A9:BA:3F:2A:40:14:D3:1B:FF:2F:F4:B6:20:48:EF:2F:27
Certificate issuer: /CN=68d24addcc3d5b77a099a907122252a47c8f6310
Certificate serial: 0190A1C275871A90F3DF7017B1EEBA85A3B1
Authority key identifier: 68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/6KxSqbo_KkAU0xv_L_S2IEjvLyc.roa
Signing time: Thu 11 Jul 2024 12:26:34 +0000
ROA not before: Thu 11 Jul 2024 12:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12912
IP address blocks: 37.30.0.0/15 maxlen: 17
37.30.0.0/19 maxlen: 19
37.30.32.0/19 maxlen: 19
37.30.96.0/19 maxlen: 19
46.204.0.0/15 maxlen: 15
46.204.0.0/19 maxlen: 19
46.204.32.0/19 maxlen: 19
46.204.64.0/19 maxlen: 19
46.204.96.0/19 maxlen: 19
46.205.128.0/19 maxlen: 19
46.205.192.0/20 maxlen: 20
46.205.208.0/20 maxlen: 20
46.205.240.0/21 maxlen: 21
62.152.128.0/19 maxlen: 19
83.220.96.0/19 maxlen: 19
83.220.101.0/24 maxlen: 24
178.180.0.0/14 maxlen: 14
178.182.0.0/18 maxlen: 18
178.183.0.0/18 maxlen: 18
178.183.32.0/24 maxlen: 24
188.146.0.0/15 maxlen: 15
188.146.0.0/16 maxlen: 17
188.146.0.0/18 maxlen: 18
188.146.0.0/19 maxlen: 19
188.146.32.0/19 maxlen: 19
188.146.64.0/19 maxlen: 19
188.146.128.0/19 maxlen: 19
188.146.192.0/19 maxlen: 19
188.147.0.0/19 maxlen: 19
188.147.0.0/22 maxlen: 22
188.147.64.0/18 maxlen: 18
188.147.64.0/19 maxlen: 19
188.147.96.0/19 maxlen: 19
188.147.192.0/19 maxlen: 19
213.158.192.0/19 maxlen: 19
2001:1b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:c2:75:87:1a:90:f3:df:70:17:b1:ee:ba:85:a3:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d24addcc3d5b77a099a907122252a47c8f6310
Validity
Not Before: Jul 11 12:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8ac52a9ba3f2a4014d31bff2ff4b62048ef2f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:bb:b7:f5:d7:90:0a:9f:cc:5e:47:c6:11:
aa:e8:00:bc:c8:d8:c1:6c:ec:d9:48:f3:a1:49:0e:
6d:0a:81:e5:f2:36:9f:1d:47:6e:60:29:69:db:25:
02:63:8e:e8:3a:d9:28:0e:ca:a0:59:1a:b3:ab:83:
3c:ab:6c:f3:f8:5f:09:e4:8c:28:88:3b:86:25:3b:
6f:55:ab:fc:5d:f1:2a:2d:af:df:9b:10:b6:b4:6a:
66:2b:21:93:62:41:02:a0:70:33:43:1d:03:45:f0:
16:e2:d6:46:07:65:7b:df:e8:cd:12:b7:fb:66:d5:
86:35:1c:75:9f:b8:a6:eb:cc:b0:ca:a4:2f:1e:8d:
b5:a8:c3:b1:88:0f:87:8d:e2:0c:b4:63:59:55:76:
8e:97:75:5e:1b:74:f9:55:5f:51:9a:a2:f1:63:18:
6a:d2:5f:ed:0f:0f:a6:0f:d6:4f:06:75:0a:d4:17:
96:cf:b5:ba:04:25:e1:93:ab:84:6c:69:d8:e3:c6:
a1:e6:9c:86:d5:36:e1:54:21:b2:d2:fe:2f:b0:b1:
4f:de:15:4f:89:06:53:c0:07:be:b8:49:f5:3a:44:
95:69:0b:4c:64:30:ce:9b:18:b3:3c:75:aa:8d:be:
d7:13:89:5b:f2:b9:a1:9f:bf:71:d0:fe:cb:38:f0:
c7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AC:52:A9:BA:3F:2A:40:14:D3:1B:FF:2F:F4:B6:20:48:EF:2F:27
X509v3 Authority Key Identifier:
keyid:68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/6KxSqbo_KkAU0xv_L_S2IEjvLyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.30.0.0/15
46.204.0.0/15
62.152.128.0/19
83.220.96.0/19
178.180.0.0/14
188.146.0.0/15
213.158.192.0/19
IPv6:
2001:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
46:0c:b8:e5:37:2e:e8:96:37:7a:f3:18:fe:fc:df:cf:1e:25:
d4:32:f4:36:a1:48:be:86:9c:d4:2e:73:f4:bf:94:ca:f7:f7:
3b:39:d8:f2:09:a9:10:d6:94:1b:ec:c7:b2:59:1b:aa:06:ad:
10:cf:e5:7f:b1:16:e4:b2:cd:bb:c5:a7:ab:94:a2:9d:b7:ec:
10:0f:ae:21:30:9d:47:13:ec:0a:8e:27:30:b3:37:33:13:c2:
00:2e:13:d2:d8:89:cc:bb:d2:83:e1:b7:ab:36:59:a9:49:85:
f2:71:66:c7:4e:80:52:b8:33:10:49:e1:8c:d5:0c:66:f7:97:
44:eb:a0:d6:25:16:2f:35:e1:af:6b:64:c5:73:9d:26:cb:03:
f7:67:b6:72:98:cf:e6:f7:f1:a0:f8:8d:ef:91:42:9b:88:b9:
82:5f:e9:e0:41:ac:15:95:08:02:06:5d:93:00:e6:ce:f6:2b:
83:51:b0:69:19:a2:6a:be:bd:3a:a8:cd:31:ac:4e:53:2c:69:
54:73:d9:b6:ed:7e:16:43:06:08:fd:45:a7:e9:05:66:0f:00:
d5:4f:82:f9:74:55:9c:cc:d1:93:29:87:31:c9:7f:7f:7d:55:
08:55:45:14:e1:48:1c:bd:d2:32:67:50:30:19:6a:46:39:b7:
12:4f:0a:a7
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZChwnWHGpDz33AXse66haOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDI0YWRkY2MzZDViNzdhMDk5YTkwNzEyMjI1MmE0N2M4
ZjYzMTAwHhcNMjQwNzExMTIyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFjNTJhOWJhM2YyYTQwMTRkMzFiZmYyZmY0YjYyMDQ4ZWYyZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpe7t/XXkAqfzF5HxhGq6AC8yNjB
bOzZSPOhSQ5tCoHl8jafHUduYClp2yUCY47oOtkoDsqgWRqzq4M8q2zz+F8J5Iwo
iDuGJTtvVav8XfEqLa/fmxC2tGpmKyGTYkECoHAzQx0DRfAW4tZGB2V73+jNErf7
ZtWGNRx1n7im68ywyqQvHo21qMOxiA+HjeIMtGNZVXaOl3VeG3T5VV9RmqLxYxhq
0l/tDw+mD9ZPBnUK1BeWz7W6BCXhk6uEbGnY48ah5pyG1TbhVCGy0v4vsLFP3hVP
iQZTwAe+uEn1OkSVaQtMZDDOmxizPHWqjb7XE4lb8rmhn79x0P7LOPDHMwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOisUqm6PypAFNMb/y/0tiBI7y8nMB8GA1UdIwQY
MBaAFGjSSt3MPVt3oJmpBxIiUqR8j2MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5KSzNjdzlXM2VnbWFrSEVpSlNwSHlQWXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MWE2NTUtMjczNS00OWVmLTgwZGYt
YjMxNmRiNTkzOGZmLzEvNkt4U3Fib19La0FVMHh2X0xfUzJJRWp2THljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MWE2NTUtMjczNS00OWVmLTgwZGYtYjMxNmRiNTkzOGZm
LzEvYU5KSzNjdzlXM2VnbWFrSEVpSlNwSHlQWXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwMBJR4DAwEu
zAMEBT6YgAMEBVPcYAMDArK0AwMBvJIDBAXVnsAwDQQCAAIwBwMFAyABG4AwDQYJ
KoZIhvcNAQELBQADggEBAEYMuOU3LuiWN3rzGP78388eJdQy9DahSL6GnNQuc/S/
lMr39zs52PIJqRDWlBvsx7JZG6oGrRDP5X+xFuSyzbvFp6uUop237BAPriEwnUcT
7AqOJzCzNzMTwgAuE9LYicy70oPht6s2WalJhfJxZsdOgFK4MxBJ4YzVDGb3l0Tr
oNYlFi814a9rZMVznSbLA/dntnKYz+b38aD4je+RQpuIuYJf6eBBrBWVCAIGXZMA
5s72K4NRsGkZomq+vTqozTGsTlMsaVRz2bbtfhZDBgj9RafpBWYPANVPgvl0VZzM
0ZMphzHJf399VQhVRRThSBy90jJnUDAZakY5txJPCqc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:06:42 2024 by rpki-client on console-ams.rpki-client.org